_UNDOCUMENTED CORNER COLUMN_
edited by Andrew Schulman
written by Klaus Muller
Listing One
;;; _AddInstanceItem hook from LISTINST.386
;;; from DDK VMM.INC
; Descriptor for one block of instance data. A pointer to one of these is the
; first argument passed to _AddInstanceItem in this listing. The service links
; descriptors together through InstLinkF/InstLinkB; the code in this listing
; treats a link value of -1 as "no further entry".
InstDataStruc struc
InstLinkF dd 0 ; linked list forward ptr
InstLinkB dd 0 ; linked list back ptr
InstLinAddr dd ? ; Linear address of start of block
InstSize dd ? ; Size of block in bytes
InstType dd ? ; INDOS_Field or ALWAYS_Field -- ignored?
InstDataStruc ends
;;; from LISTINST.INC -- my InstData struct includes caller address
; One record of the capture buffer: the address that called _AddInstanceItem,
; followed by a full copy of the InstDataStruc it passed. sizeof KM_InstData is
; the record stride addinst uses when indexing and bounds-checking the buffer.
KM_InstData struc
AddInst_Caller dd ? ; caller's return address (or the 'LTSR' marker set at init)
InstDataStruc { } ; from VMM.INC
KM_InstData ends
;;; from LISTINST.ASM
; Module-level state shared by the init code, the hook and addinst.
; NOTE(review): Inst_Struc_Ptr and calladr are single global slots used to
; pass arguments into addinst, so the hook is not reentrant -- a nested
; _AddInstanceItem call would overwrite them. Confirm that cannot happen here.
oldservice dd 0 ; return value from Hook_Device_Service
Inst_Struc_Ptr dd 0 ; InstLinkF from InstDataStruc
calladr dd 0 ; address of _AddInstanceItem caller
Data_Buf_Addr dd 0 ; created with _PageAllocate PG_SYS
Data_Buf_Size dd 0 ; in bytes; addinst grows it 1000h at a time
Data_Buf_Handle dd 0 ; handle passed to _PageReAllocate when growing
Inst_Data_Count dd 0 ; number of instance items seen so far
;;; from LISTINST.ASM Sys_Critical_Init handler
;The first byte in the 1st MB is instanced in order to get all calls to
;_AddInstanceItem made before ListInst_Sys_Critical_Init. The _AddInstanceItem
;service chains the InstDataStrucs together into a sorted, doubly linked list
;via InstLinkF and InstLinkB.
;If the LinkF field is -1, no other calls were made.
;If LinkF <> -1, then it represents a call to _AddInstanceItem caused by a
;system.ini entry "LOCALTSRS= tsr_name". The VMM instances the whole TSR;
;the first 16 bytes represent the MCB of the PSP, so we can determine the name
;of the fully instanced TSR.
;;; ...
; Describe a 1-byte, always-instanced block at linear address 0.
mov KM_Instance.InstLinAddr,0
mov KM_Instance.InstSize,1
mov KM_Instance.InstType,ALWAYS_FIELD
mov esi,offset32 KM_Instance
; NOTE(review): the result of this call is not checked here, although the
; hook below treats eax = 0 from _AddInstanceItem as an error. If the call
; fails, the link field tested next may not have been filled in -- confirm.
VMMcall _AddInstanceItem <esi,0>
cmp KM_Instance.InstLinkF,-1 ;any LOCALTSRS ?
je nolocal
mov esi,KM_Instance.InstLinkF ;yes, get it
; Walk the forward links and log every descriptor that was registered before
; the hook existed. The links belong to VMM and are followed as-is; -1 is the
; only terminator checked and there is no iteration limit.
loclp: mov Inst_Struc_Ptr,esi
mov calladr,'LTSR' ; no real caller is known: tag the record instead
call addinst ;add instance item to our list (esi is preserved by addinst)
mov esi,[esi.InstDataStruc.InstLinkF] ;get next InstDataStruc
cmp esi,-1 ;no more strucs?
jne loclp
; Install myhook in front of _AddInstanceItem; the value returned in esi is
; kept as the address myhook chains to.
; NOTE(review): the result is stored without checking whether
; Hook_Device_Service reported failure (the DDK describes a carry-flag error
; return -- confirm). If the hook was not installed, oldservice is not
; guaranteed to be a valid call target.
nolocal:mov eax,_AddInstanceItem
mov esi,offset32 myhook
VMMcall Hook_Device_Service
mov [oldservice],esi
;;; ...
BeginProc Hooked_AddInstanceItem
;-----------------------------------------------------------------------------
; myhook - entry point installed in place of _AddInstanceItem.
; Records who called the service and with which descriptor, forwards the call
; unchanged to the original service, and logs the item only if that succeeded.
;
; Stack after the frame is set up:
;       [ebp+4]   return address into the caller of _AddInstanceItem
;       [ebp+8]   pointer to the caller's InstDataStruc
;       [ebp+0ch] flags
; Returns: eax exactly as the original service returned it (addinst saves and
;          restores eax).
; NOTE(review): calladr and Inst_Struc_Ptr are global slots, so a nested call
; into this hook before addinst runs would overwrite them -- confirm that the
; original service never re-enters _AddInstanceItem.
;-----------------------------------------------------------------------------
myhook:
        push    ebp
        mov     ebp,esp

        ; Stash the two values addinst needs before touching the call frame.
        push    dword ptr [ebp+4]       ; caller's return address
        pop     calladr
        push    dword ptr [ebp+8]       ; instance structure pointer
        pop     Inst_Struc_Ptr

        ; Re-push the arguments in the original order and chain.
        push    dword ptr [ebp+0ch]     ; flags
        push    dword ptr [ebp+8]       ; instance structure pointer
        call    [oldservice]            ; original _AddInstanceItem
        add     esp,8                   ; caller cleans up the two arguments
        pop     ebp

        test    eax,eax                 ; 0 = the service rejected the item
        jz      exit                    ; nothing to log in that case
        call    addinst                 ; append the item to our list
exit:   ret
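;*****************************************************************************
;addinst - appends one KM_InstData record (caller address + copy of the
;          InstDataStruc) to the capture buffer, growing the buffer by one
;          page when the next record would not fit.
;INPUT:    calladr        - address of caller of _AddInstanceItem
;          Inst_Struc_Ptr - address of InstDataStruc to copy
;OUTPUT:   hook_err = -1  - error growing Data_Buf; the record is dropped
;          hook_err is not written on success (presumably initialised to 0
;          where it is declared -- that declaration is not in this listing)
;PRESERVES: edi, esi, ecx, edx, eax. Flags are not preserved; the direction
;          flag is cleared.
;NOTE:     stosd/movsd write through ES:EDI; this assumes ES addresses the
;          same flat data as DS -- confirm for the calling context.
;*****************************************************************************
addinst:
        push    edi
        push    esi
        push    ecx
        push    edx                     ; the grow path below overwrites edx
        push    eax

        ; Recomputed from scratch after every grow, because the buffer
        ; address may have changed.
hook2:  mov     edi,Data_Buf_Addr
        mov     ecx,Inst_Data_Count
        imul    ecx,sizeof KM_InstData
        add     edi,ecx                 ; edi -> next free record
        push    edi
        add     edi,sizeof KM_InstData  ; edi -> end of that record
        mov     ecx,Data_Buf_Addr
        add     ecx,Data_Buf_Size       ; ecx -> end of buffer
        cmp     edi,ecx
        pop     edi                     ; pop does not disturb the flags
        jb      hook1                   ; addresses are unsigned: jb, not jl

        ; Not enough room: ask for one more 4 KB page.
        mov     ecx,Data_Buf_Size
        add     ecx,1000h
        shr     ecx,0ch                 ; new size in pages
        mov     edx,Data_Buf_Handle
        VMMcall _PageReAllocate <EDX, ECX, PAGEZEROINIT>
        test    eax,eax                 ; 0 = reallocation failed
        jz      hookerr
        add     Data_Buf_Size,1000h
        mov     Data_Buf_Handle,eax     ; new handle
        mov     Data_Buf_Addr,edx       ; new buffer address
        jmp     hook2

hook1:  cld                             ; the copies below must run upward
        mov     eax,calladr             ; save caller's address in buffer
        stosd
        mov     esi,Inst_Struc_Ptr
        mov     ecx,(sizeof InstDataStruc)/4
        rep     movsd                   ; save instance data struc
        inc     Inst_Data_Count

hookret:pop     eax
        pop     edx
        pop     ecx
        pop     esi
        pop     edi
        ret

hookerr:mov     hook_err,-1             ; buffer could not grow
        jmp     hookret
EndProc Hooked_AddInstanceItem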